Carol Gonzales currently serves as Cal Poly Pomona’s AVP for IT Security & Compliance/Chief Information Security Officer/Chief Privacy Officer. She has over 30 years of experience in government, higher education, and financial service sectors with experience in security, audit, project management, and IT service operations. At Cal Poly Pomona, Carol is responsible for the information security and compliance management strategy and programs including the adoption of campus IT policies and procedures, all IT auditing and risk management projects, as well as accessible technology and services for persons with disabilities. She also works with the support of the IT teams to support business continuity and disaster recovery. Carol also serves as an adjunct professor at Cal Poly Pomona’s College of Business Computer Information Systems department.

Carol is an active member of ISACA and has served in various chapter leadership roles as early as 1996. She currently serves as Vice President, where she has supported successful virtual membership and in-person events. She has also been an active partner with the Academic Relations committee. She has been a facilitator and presenter at the ISACA LA Spring Conference and CISA review sessions.

Carol is a proud alumnus of Cal Poly Pomona where she earned her Bachelor of Science in Computer Science and Master of Science in Business Administration with an emphasis in IS Auditing. She earned her doctorate from Claremont Graduate University in Information Systems and Technology.

Carol is a Certified Information Systems Auditor (CISA), Certified Data Privacy Solutions Engineer (CDPSE), and has the ITILv3 (Information Technology Infrastructure Library) certification.

Raquel de Leon is an Audit and Risk Management Leader, currently holding the position of Senior Manager Enterprise Risk at Reliance, Inc. (formerly Reliance Steel and Aluminum Co.). She currently supports the function in overseeing, monitoring, and optimizing the company’s risk management processes to ensure the effective identification, assessment, and mitigation of prioritized risks. She also manages ESG reporting initiatives.

She most recently served as Senior Internal Audit Manager – IT/Financial, overseeing IT SOX compliance and information security audits, and leading financial audits. She played a key role in the core function, development, and various initiatives of Internal Audit over the years, such as in audit planning, risk assessments, audit committee reporting, external quality assurance reviews, external audit coordination, data analytics efforts, document management, management of systems/tools and other special projects. Prior to joining Reliance, she gained experience at KPMG LLP US and in the airline industry, focusing on internal auditing and business process improvements.

Over Raquel’s 20+ years of comprehensive experience in IT, financial and operational audits, she has built up a solid foundation in risk management, auditing principles, frameworks and methodologies and technical proficiency in information security and various IT systems. Raquel is adept with managing cross-functional teams and collaborating with stakeholders at all levels. She is analytical and highly skilled in identifying risks and recommending risk mitigation strategies. She is relied upon for her leadership and emphasis on quality in directing complex and critical assignments.

With a growth mindset, Raquel is committed to continuous professional development and constantly encourages learning and growth among her peers and team. She has extended her influence by being a CISA Instructor for the ISACA LA Chapter. She is a Certified information Systems Auditor (CISA), a Certified Internal Auditor (CIA), and a Platinum member of ISACA. She was recently awarded with the ISACA LA Chapter Rising Star distinction for her contributions.

Michael is Lead Senior IT Security Engineer – Mergers and Acquisitions (M&A) at Cetera Financial Group.

He has been an enterprise IT risk and information security specialist with 14 years of industry experience in managing risk as an analyst, engineer, and project/program manager. Experience includes managing 20+ contractors in IT operations, 25+ FTEs/6 departments within cyber security & risk management, involvement in 225+ project/initiatives, and reporting to CISO and executive board members, as well as performing technical work in fields of IT risk & compliance, BC/DR, IAM, information security, and system development & administration, across US, China, Hong Kong, and India.

Steven is Senior Internal Auditor with the City of Pasadena.

He is performing diverse and specialized performance, compliance, and operational audits on behalf of the City of Pasadena. Developing recommendations regarding improvements in systems, controls, procedures, or other corrective actions as necessary to assist management to maintain a comprehensive framework of internal controls and ensure efficiency and effectiveness in operations.

Steven was Vice President of Finance for the PMI California Central Valley Chapter where he provided budgeting, accounting, and financial reporting services for the chapter of the Project Management Institute.

John is owner of Addison Risk Consulting LLC, a startup of consulting business aimed at helping organizations with value based risk and compliance service.

He previously was the Director of Risk and Assurance for North America at Orora Group, an Australian based packaging company. Before that he was GRC Manager at LA County in the Internal Services Department Cyber Governance Organization and was Aon IA global leader for IT Audit, Privacy and Data Analytics in Chicago for 20 years. IT risk executive with extensive experience in global corporate financial services and large government organizations. Leader of data protection and cybersecurity reviews in regulated environments, and data center and cloud hosting reviews leveraging NIST framework.

Passionate leader of global teams, as direct line manager and in collaborative multi-functional teams.

John transformed an Internal Audit data analytics function into a leading function providing data science services, collaboration, training, and risk insights. He also co-led the development of cybersecurity incident governance processes to oversee and coordinate cybersecurity and privacy incident response activities, communication strategies, and content for executives and governance boards, external stakeholders including regulators and clients.

Faron is a director with LegalRM where is drives strategic expansion of Information Governance solutions in North America. He also builds on a Physical and Electronic Records Management solution by iCompli and on the legacy of LegalKEY.

Faron has worked in technical sales for 20 years. His expertise includes process automation, information governance, and cybersecurity. Faron has broad experience from years in the Legal Solutions Group at Open Text to creating commercial solutions with open source platforms like Alfresco and Ephesoft. At BlackBerry, Faron now focuses on the Security spoke of the Information Governance wheel designing solutions that ensure the security of people, endpoints, and content everywhere business happens. Faron is an active participant and supporter of ARMA & ISACA. Currently, he serves as President of ARMA- Greater Los Angeles chapter and as the Marketing Chair for the Los Angeles chapter of ISACA. When not working, you’re likely to find him in the mountains on a bike, skis, or in hiking boots.

Jose is Senior IT Auditor at Kaiser Permanente and the Technology Chair of the ISACA Los Angeles Chapter.

He is an experienced IT Professional and resourceful and experienced leader with an extensive set of management skills and project planning capabilities. He is skilled in Risk Management, Change Management, Security, Regulatory Compliance, Technical Support, Helpdesk Management, Problem Management, Systems Administration, Networking, and Service Desk Management.

Tom is a director with PricewaterhouseCoopers in their Cyber, Risk and Regulatory practice. Over the past 17 years with the firm, he has focused on providing IT process and control services to clients in southern and northern California areas, amongst other markets. His work experience with these clients includes controls readiness assessments, third party / vendor risk assessments, and cybersecurity maturity assessments. In addition, he has led dozens of teams in developing and executing internal and external audits to ensure compliance with various frameworks, such as SOX 404, NIST, and PCI. He enjoys using data-driven analytics, robotics, data visualizations, and next generation technology to drive efficiency and insight into not only audit results, but also into overall organizational effectiveness. Tom is currently identifying areas where AI can benefit the IT controls efficiency and effectiveness, both from execution and auditing lenses. Tom has been a Certified Information Systems Auditor (CISA) for over 14 years.

Dr. Dan Manson is Professor Emeritus in Computer Information Systems at California State Polytechnic University, Pomona (Cal Poly Pomona). From September 2003 to March 2004 and January to December 2006, Dr. Manson served as the Campus Information Security Officer for Cal Poly Pomona.

Dr. Manson led the effort for Cal Poly Pomona to be designated a National Center of Academic Excellence in Information Assurance Education in 2005, 2008 and 2014. Since 2008 Dr. Manson has coordinated the Western Regional Collegiate Cyber Defense Competition.

Dan has been co-Principal Investigator on six National Science Foundation grants to support workforce, curriculum and professional development in cyber security, including leading student development on the current CyberWatch West NSF ATE Regional Center grant. Dan also was Principal Investigator for an NSF grant to help form an umbrella organization over cybersecurity competitions.

Dr. Manson is currently involved with grants on Evidencing Competency and K12 Cyber Pathways for the NSA CAE Program Office and a grant for the US Cyber Games. Dan also is teaching for Cal Poly Pomona and UNLV.